112th Day Of Lockdown

Maharashtra26766514900710695 Tamil Nadu147324973102099 Delhi115346932363446 Karnataka4407717391846 Gujarat43723305552070 Uttar Pradesh3972424981983 Telangana3774524840375 Andhra Pradesh3301917467408 West Bengal3283819931980 Rajasthan2557119169524 Haryana2262817090312 Madhya Pradesh1900513575673 Bihar1885313019143 Assam178081217451 Odisha14280986496 Jammu and Kashmir111736223195 Kerala8931443835 Punjab85115663213 Chhatisgarh4379327520 Jharkhand4225242836 Uttarakhand3686286750 Goa2753160718 Tripura218315382 Manipur167210200 Puducherry153182918 Himachal Pradesh130993810 Nagaland8963460 Chandigarh60044610 Arunachal Pradesh3871453 Meghalaya318462 Mizoram2381590 Sikkim211860
Technology Other News 13 Sep 2019 Researchers say over ...

Researchers say over 1 Billion people have been affected by this spyware

DECCAN CHRONICLE.
Published Sep 13, 2019, 5:01 pm IST
Updated Sep 13, 2019, 5:04 pm IST
Researchers have detected unusual activity over messaging and signalling bearers of some customers, which could be due to a new spyware.
Called ‘Simjacker’ it has revealed locations and IMEI numbers to attacks without letting the phone’s owner know, says the firm’s TIU team.
 Called ‘Simjacker’ it has revealed locations and IMEI numbers to attacks without letting the phone’s owner know, says the firm’s TIU team.

AdaptiveMobile Security has detected unusual activity over messaging and signalling bearers of specific customers which it says is part of a new spyware attack.  Called ‘Simjacker’ it has revealed locations and IMEI numbers to attacks without letting the phone’s owner know, says the firm’s TIU team.

The firm believes this vulnerability has been exploited well by an organized group of hackers at least for the past two years. Subsequent, deeper investigation revealed a vulnerability that allowed almost every single mobile device in affected operators to be open to manipulation.

 

How the attack worked

In a report, the firm revealed that the attack involves a SMS containing a specific type of spyware-like code being sent to a mobile phone, which then instructs the SIM Card within the phone to ‘take over’ the mobile phone to retrieve and perform sensitive commands. The attacks exploit the ability to send SIM Toolkit Messages and the presence of the S@T Browser on the SIM card of vulnerable subscribers. The attack messages use the S@T Browser functionality to trigger proactive commands that are sent to the handset. The responses to these commands are sent back from the handset to the SIM card and stored there temporally. Once the relevant information is retrieved from the handset, another proactive command is sent to the handset to send an SMS out with the information.

 

AMS correlated the Simjacker sources with known malicious threat actors and discovered that the source is a large professional surveillance company, with very sophisticated abilities in both signalling and handsets. These types of companies exploit the fact that some mobile operators may incorrectly regard core network security as solved if they deploy a standard GSMA ‘compliant’ firewall.

Over 1 Billion probably impacted

AdaptiveMobile Security research indicates that the Simjacker vulnerability could extend to over 1 billion mobile phone users globally, potentially impacting countries in the Americas, Africa, Europe, the Middle East and indeed any region of the world where this SIM card technology is in use. The issue is that in affected operators, the SIM cards do not check the origin of messages that use the S@T Browser, and SIMs allow data download via SMS. Other types of attacks are also possible using the S@T Browser, including: location tracking, fraud, denial of service, malware spreading and call interception.

 

Click on Deccan Chronicle Technology and Science for the latest news and reviews. Follow us on Facebook, Twitter

...




ADVERTISEMENT
ADVERTISEMENT
ADVERTISEMENT
ADVERTISEMENT
ADVERTISEMENT